Terminology
- gcc: 是 GNU compiler collection 的缩写,它是 Linux 下一个编译器集合( 相当于 javac ), 是 c 或 c++程序的编译器
远程登录 SSH
ssh 配置文件 /etc/ssh/sshd.config
使用 ssh public key 登录系统
#方法一
cat ~/.ssh/id_rsa.pub | ssh root@192.168.10.213 'cat >> .ssh/authorized_keys && echo "Key copied"'
#方法二
ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.10.213
ssh 生成ssl证书
# interactive
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 365
# non-interactive and 10 years expiration
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 3650 -nodes -subj "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=CommonNameOrHostname"
ssh启用root登录
修改配置文件之后重启ssh,sudo service ssh restart
# 修改配置文件
PermitRootLogin yes ##允许root登陆
PasswordAuthentication yes ##允许用密码方式登陆
linux 修改 dns
Windows上的shell脚本在Linux上执行不了
problem is with dos line ending. Following will convert it for unix
dos2unix file_name NB: you may need to install dos2unix first with apt install dos2unix
another way to do it is using sed command to search and replace the dos line ending characters to unix format:
$sed -i -e 's/\r$//' your_script.sh
ubuntu 软件包管理
apt 命令是 Debian Linux 发行版中的 APT 软件包管理工具,使用 apt-get 命令的第一步就是引入必需的软件库,/etc/apt/sources.list 是存放这些地址列表的配置文件
apt-vs-dpkg-debian
APT stands for Advanced Packaging Tools used in Debian and its derivatives to manage packages. It is used for installing, upgrading, configuring, removing packages, and maintaining source repositories. But, Linux has a modular design philosophy which APT also follows Instead of doing all tasks themselves in a monolithic manner, it employs several different applications under the hood to do those tasks. For example, it might use curl to download the .deb source package and all its dependencies and then use dpkg to install it.
dpkg (Debian Package Manager) works under the hood of APT. While APT manages remote repositories and resolves dependencies for you, it uses dpkg to actually make the changes of installing/removing packages. dpkg on itself cannot retrieve/download files from remote repositories, nor can it figure out dependencies.
| Functions | APT | dpkg |
|---|---|---|
| Can download packages from remote repositories | YES | NO |
| Can resolve dependencies | YES | NO |
| Install local packages | YES(using dpkg) | YES |
| Install remote package | YES (using dpkg) | NO (users need to manually download a package if they wish to use dpkg) |
| List installed packages | YES | YES |
安装包格式
.deb格式:dpkg -i <下载好的安装包>.bin格式: 直接在命令行中执行该文件既可tar.gz格式: 先要通过命令将压缩包解压,然后才能进行编译,继而进行安装
# 解压
tar -zxvf FileName.tar.gz
# 配置
./configure
# 编译
make
# 安装
make install
Syntax
Array
Expansions and substitutions
man 命令
Man doesn't work on Ubuntu 18.04
Bash 中的任务管理工具
Ctrl+Z和Ctrl+C:Ctrl C是强制终止程序的执行并结束进程。而Ctrl Z则只是中断任务的执行,但该任务并没有结束,它只是在进程中维持挂起的状态,用户可以使用fg/bg操作来继续前台/后台执行该任务&fg将后台作业移动到前台终端运行bg将前台终端作业移动到后台运行kill发送信号到进程,kill -l列出所有信号名称,
vim 1.txt
# 按 Ctrl + Z 挂起任务
vim 2.txt
# 按 Ctrl + Z 挂起任务
jobs -l # 显示当前任务以及 pid
fg %1 # 恢复编辑1.txt
jobs -l
kill -9 vim-pid
debug Bash
bash -x scriptName
奇怪的bug
ctl+] 切换 然后quit退出.
linux 防火墙
- firewall: mA firewall is a set of rules. When a data packet moves into or out of a protected network space, its contents (in particular, information about its origin, target, and the protocol it plans to use) are tested against the firewall rules to see if it should be allowed through
- iptables: is a tool for managing firewall rules on a Linux machine.
- firewalld: is also a tool for managing firewall rules on a Linux machine.
ubuntu 不休眠技巧
sudo vim /etc/systemd/logind.conf
#suspend -> ignore
#HandleLidSwitch=suspend
HandleLidSwitch=ignore
sudo systemctl restart systemd-logind.service
ubuntu 静态IP(set static ip)
cd /etc/netplan
vim 00-installer-config-wifi.yaml
wifi config yaml file
network:
version: 2
wifis:
wlp6s0:
access-points:
CMCC-xiaochenchen:
password: t63bu9tn*
addresses: [ 192.168.1.5/24 ]
# gateway4: 192.168.1.1
routes:
- to: default
via: 192.168.1.1
nameservers:
addresses: [ 8.8.8.8,8.8.8.4,114.114.114.114 ]
dhcp4: no
应用设置:sudo netplan try
shell 设置变量默认值
test.sh,为$1 变量设置默认 tomcat 下载地址
#!/usr/bin/env bash
downloadUrl=${1:-https://dlcdn.apache.org/tomcat/tomcat-9/v9.0.83/bin/apache-tomcat-9.0.83.tar.gz}
echo "downloadUrl is:${downloadUrl}"
执行 ./test.sh http://example.com,则输出 downloadUrl is:http://example.com
echo 叮咚 声音
#\a alert (bell)
echo -e "\a Ding dong\a"
特殊字符
\: You can use the backslash () as last character on line to continue command on next line$IFS: The Internal Field Separator (IFS)
printf vs echo
export
By default all user defined variables are local. They are not exported to new processes. Use export command to export variables and functions to child processes.
export backup="/nas10/mysql"
echo "Backup dir $backup"
bash # start a new shell instance, enter: bash
echo "Backup dir $backup"
HERE DOCUMENTS VS HERE STRINGS
here documents:This type of redirection tells the shell to read input from the current source (HERE) until a line containg only word (HERE) is seen. HERE word is not subjected to variable name, parameter expansion, arithmetic expansion, pathname expansion, or command substitution. All of the lines read up to that point are then used as the standard input for a command. Files are processed in this manner are commonly called here documents. If you do not want variable name, parameter expansion, arithmetic expansion, pathname expansion, or command substitution quote HERE in a single quote
command <<HERE
text1
text2
testN
$varName
HERE
Here strings:The $word (a shell variable) is expanded and supplied to the command on its standard input
command <<<$word
字符串拆分小技巧
# /etc/passwd
pwd=zonglinlee:x:1000:1000:zonglinlee:/home/zonglinlee:/bin/bash
oldIFS="$IFS"
IFS=:
read -r login password uid gid info home shell <<< "$pwd"
printf "Your login name is %s, uid %d, gid %d, home dir set to %s with %s as login shell\n" $login $uid $gid $home $shell
IFS="$oldIFS"
Bash variable existence check
syntax
${varName?Error varName is not defined}
${varName:?Error varName is not defined or is empty}
例子
#!/usr/bin/env bash
path=${1:?Error command line argument not passed}
echo "backup path is $path"
echo "i am done if \$path is set"
shell startup Script Execution Order
/etc/profile - It contains Linux system wide environment and startup programs. This file runs first when a user logs in to the system. This file also act as a system-wide profile file for the bash shell. /etc/profile.d - /etc/profile calls /etc/profile.d/. It is a directory and all scripts in this directory are called by /etc/profile using a for loop. This file runs second when a user logs in. ~/.bash_profile or $HOME/.bash_profile - Finally, the file ~/.bash_profile is called in the users home directory ( $HOME). This file runs third when a user logs in. This file calls ~/.bashrc in the users home directory.
Changing bash prompt 参考
export PS1="\e[0;31m[\e[m \e[0;33m\u\e[m@\e[0;34m\h\e[m \e[0;34m\w\e[m \e[0;31m]\e[m\$"
< /dev/null
< /dev/urandom
Create a random password tr -dc A-Za-z0-9_ < /dev/urandom | head -c12 | xargs
ssh隧道1
# ssh本地转发 将远程 remote-host-ip:8848 端口转发到 localhost:8848,浏览器直接访问8848即可
ssh -N -L 8848:localhost:8848 root@remote-host-ip
ssh隧道2
ssh隧道3
中间件初始化注意事项
redis
daemonize yes # 可以后台运行 默认 no
port 6379 # 默认端口
requirepass 123456 #默认没有密码
bind 127.0.0.1 #修改绑定IP
修改端口后测试 redis-cli -p 63791 ping 指定配置文件启动redis ./redis-server /usr/local/redis/etc/redis.conf &
nacos
进入 nacos bin目录/nacosInstallFolder/nacos/bin,启动命令 sh startup.sh -m standalone
#配置文件路径: /nacosInstallFolder/nacos/conf/application.properties
nacos.core.auth.system.type=nacos
nacos.core.auth.enabled=true
# 自定义密钥时,推荐将配置项设置为Base64编码的字符串,且原始密钥长度不得低于32字符
nacos.core.auth.default.token.secret.key=VGhpc0lzTXlDdXN0b21TZWNyZXRLZXkwMTIzNDU2Nzg=
spring-boot
- 关闭swagger /api/doc.html |
- 关闭 Actuator
# 关闭 Actuator
management:
server:
port: -1 # 修改端口,跳过安全漏洞扫描
endpoints:
enabled: false
enabled-by-default: false
web:
exposure:
include: '*'
nginx
#关闭目录遍历
autoindex off;
java jar包 utf8启动
java -Dfile.encoding=UTF-8 -jar app.jar
Reference
- linux command
- Linux Bash Shell Scripting Tutorial Wiki
- explain-shell
- https://dunwu.github.io/linux-tutorial/
- kjyw 快捷运维
- magic-of-sysuse-scripts
- 18个Linux Shell脚本经典案例(bilibili)
- Ubuntu Post Install Scripts
- shell_scripts
- 运维外挂小工具
- The-art-of-command-line
- pure-bash-bible
- Bash scripting cheatsheet
- devops-exercises
- devops-resources | bash
- devops-exercises | bash
- devops-resources | linux
- devops-exercises | linux
- 在 Windows 中使用 Cygwin
- bash-source-command
- tr command
- sed command
- awk command